Security Engineer Lead

Beyond Identity

Dallas, TX, US
  • Job Type: Full-Time
  • Function: IT
  • Post Date: 04/29/2021
  • Website: www.beyondidentity.com
  • Company Address:

About Beyond Identity

Beyond Identity's mission is to empower the next generation of secure digital business. By eliminating passwords and creating a fundamentally secure Chain of Trustâ„¢, our customers are able to increase business velocity, implement new business models, and reduce operating costs.

Job Description

At Beyond Identity, our mission is to provide passwordless authentication which allows the implementation of passwordless identity management. Passwords are an antiquated technique for establishing a person’s identity with a digital service. 80%+ of cyber incidents involve the misuse or mishandling of passwords, it is time for passwords to be replaced by strong security techniques that are usable by an audience that is not technical.

The ideal candidate for the position will be a self-starter who is driven to find innovative ways to improve the product. The candidate will be results-oriented, passionate in the improvement of the user experience, and a critical and strategic thinker.  The candidate is highly organized, can multitask and meet aggressive deadlines, and is a team-player and team-builder who can make meaningful and long-lasting connections with others. 

The candidate must have the ability to assess and analyze a wide range of information to draw conclusions on how to improve the security of our systems. The candidate will be responsible for building out Beyond Identities Security Engineering and Security Operations team from the ground up, aligning the team around our new SecOps initiatives, implementing company wide security controls, and working within the risk management frameworks. You will provide strong leadership through technical excellence and mentoring, and your contributions will be key to the success of Beyond Identity.

Responsibilities

  • Lead a SecOps team that is responsible for the implementation of all Cloud-Native security and corporate controls
  • Provide technical leadership through mentoring, a commitment to technical excellence, accountability, transparency, and skills development
  • Responsible for screening and testing the organization’s security software for vulnerabilities, including existing systems and any new software they might obtain
  • Partner with Security and Compliance teams to identify, manage, document, and implement best practices and automated controls for cloud and internal solutions
  • Stay up to date with the latest application security developments and security trends to continually improve internal processes
  • Assess current applications and architecture to determine methods for automating security testing and control validation
  • Contribute to technical design, product and vendor selection, application and technical architectures related to SecOps, transformation and automation efforts
  • Establish, document, and maintain the security and regulatory posture of platforms and solutions
  • Respond to security incidents by conducting incident response activities involving containment to remediation and lessons learned
  • Collaborate with the operations team to understand the risk of the vulnerabilities at the time of discovery as well as if new information, such as an exploit in the wild, requires reprioritization or a change in tactics
  • Partner with the Development team to understand and address security requirements early in the software development life cycle (SDLC)

Skills & Qualifications

  • Bachelor’s Degree in Computer Science or similar
  • 4+ years of experience with Agile, SecOps practices working with cross-functional teams and integrating security into a CI/CD environment
  • 1+ years of experience with securing cloud systems 
  • Deep experience with security incident response, including process, metrics, and operational execution
  • Solid Experience in performing security vulnerability assessment and deployment of relevant tools ( i.e Nessus, other )
  • Strong WAF and Security Modelling,  proven experience writing WAF rules
  • Knowledge of any CyberSecurity Frameworks such as CIS, NIST, ISO, COBIT
  • Understanding of SecOps principles, tools, and their application for Cloud-Native Applications including Terraform, Kubernetes, Docker, Istio, Envoy
  • Hands-on experience in security systems, including firewalls, intrusion detection systems, authentication systems, log management, content filtering, penetration test tooling (based on NIST CSF / OWASP), and automated vulnerability testing
  • Broad knowledge of security monitoring, prevention, and control techniques and how they can be applied in a traditional IT environment as well as cloud-based systems

Pluses

  • Experience with the use and deployment of Nginx, Postgres, Redis, Memcached, GitLab/GitHub, and the Atlassian platform
  • Experience with cloud-based security management / IDS /IPS / SIEM / DLP tools such as Splunk, AlienVault, AlertLogic, Prisma Cloud, Threat Stack, OWASP ZAP, OWTF
  • Experience with one or more SSO methodologies (SAML, LDAP, MS AD)
  • Experience leading Computer Incident Response Team (CSIRT)
  • Experience creating and implementing Data Classification Policy and Data Loss Prevention controls
  • Experience establishing compliance and system hardening using CIS frameworks and vulnerability scanners
  • Preferred certifications:  CISSP, Security+, CEH, CCSP, ITIL, CISM

Related Jobs

Data Engineer - NYC / DC

Beyond Identity - New York City, NY, US

Security Engineer Lead

Beyond Identity - Dallas, TX, US

Senior Backend Engineer - NYC / DC

Beyond Identity - New York City, NY, US

Senior Front End Developer

Beyond Identity - New York, US

Sr. Sales Engineer

Beyond Identity - United States of America
Disclaimer: Local Candidates Only
This company does NOT accept candidates from outside recruiting firms. Agency contacts are not welcome.